Re: Wordpress Valums Uploader - File Upload Vulnerability

This issue is NOT with the file uploader javascript client. If any uploaded files are accessible without credentials, this is the fault of the developer who wrote the server-side code and did not take proper security precautions.

Wordpress Valums Uploader - File Upload Vulnerability

Title: == Wordpress Valums Uploader - File Upload Vulnerability Date: = 2013-01-04 References: === http://www.vulnerability-lab.com/get_content.php?id=817 VL-ID: = 817 Common Vulnerability Scoring System: 7.5 Abstract